US Appeals Court: Forced Decryption Is Self-Incrimination (volokh.com)
518 points by zach 2037 days ago | 113 comments

Wow I think they got one right. It will be interesting to see how the government continues, since currently it's only a decision in the 11th circuit. If the government appeals, it goes to the supremes and if they hold that it's a violation of your fifth amendment then everyone in the country gets to claim the fifth rather than give up the key.

While I hate evil doers just as much as the next person I dislike the loss of civil liberties even more.

Well, not everyone. There are still situations in which the decryption would not be testimonial in nature and would thus not be privileged.

Or situations in which the data wouldn't incriminate the owner of the data but rather someone else, etc.

Still, handing over the data would require the government agreeing that they wouldn't mine the data to find a prosecution against you, which is likely what companies already do.

Two analogies I use: rag doll and sawz-all.

Rag doll: so long as they can manipulate your uncooperative unresisting body to do something (apply thumbprint, get DNA sample), they can order you to cooperate. They cannot, however, compel you to do something which they otherwise have no case without.

Sawz-all: so long as getting into a safe (or whatever) is just a normal matter of time and money, they can order you to open it. If, however, "opening" an encrypted volume or some such by brute force will take something on the order of heat death of the universe, and otherwise they have no case, you can stay silent.

Those analogies are only useful to the extent they agree with the law. Otherwise they're just arbitrary.

As if the law isn't arbitrary! Both are arbitrary, and both might be reasonable.

He didn't say "reasonable", he said "useful".

If the safe then contained papers written in code, or an unknown language, would the court be able to compel the owner to translate those documents? To me, the hard drive platter is the paper, whereas the encrypted data is the contents of the papers.

> If the safe then contained papers written in code, or an unknown language, would the court be able to compel the owner to translate those documents?

under some circumstances, they could. the "foregone conclusions" doctrine says that if they know 1) what the contents say, 2) that those contents are incriminating, 3) that you can translate it, and 4) can prove 1-3, then yes, they can compel you to translate / decrypt.

If they already know what the contents say then what's the use?

this is exactly why they can compel you to testify against yourself. the additional testimony (decrypting your drive) is a "foregone conclusion". this is one of the few exceptions to the fifth amendment.

Those analogies miss a key point. Only the testimonial aspects (e.g., implicitly acknowledging that the files actually exist and are under one's control) are protected. Furthermore, under the “foregone conclusion” doctrine, even the testimonial aspects may not be fully privileged.

See Footnote 19: "If in the case at hand, for example, the Government could prove that it had knowledge of the files encrypted on Doe’s hard drives, that Doe possessed the files, and that they were authentic, it could compel Doe to produce the contents of the files even though it had no independent source from which it could obtain the files."

Am I correctly understanding this decision to mean that, if the government already knows there's incriminating data on the drive, a compelled decryption would not be testimonial (as in the referenced cases from the 5th Circuit); but that the gov't can't compel decryption in order to go on a "fishing expedition", as any evidence found would be self-incriminating, and thus incur 5th Amendment protection?

If so, that sounds spot-on correct to my (admittedly, lay and NAL) understanding of the issues.

I take a slightly different view in that one should never have to cooperate in any way in his own prosecution. Except for computers, nothing else is mandatory; if you refuse to be arrested, the cops will taze you (bro), if you go on a hunger strike in prison, the guards will tie you down and feed you through a tube, and so on. With all that as context, it seems absurd that you should have to type your innermost thoughts into a laptop so that the government can send you to jail.

If you consider "resisting arrest => getting tazed", and "hunger strike => force feeding" as acceptable consequences for refusing to cooperate then "refuse to provide password => held in contempt of court" is always going to be an option for you.

In the first two examples, they gain your cooperation without your will.

When you are held in contempt, you still have to agree to cooperate to escape it.

worst case => you forget your password, now you can just be held in jail for life if judges don't believe you.

There's a vast difference between not cooperating and actively impeding. Destruction of inculpatory evidence, for example, is a crime, even if, by some definitions, destroying the evidence could be termed "not cooperating." That's why, IMO, the court makes a distinction between compulsory decryption of a drive which the prosecution already knows to contain incriminating data (which isn't testimonial, and hence not subject to 5th Amendment protection), versus being compelled to decrypt a drive because the government thinks it's likely to find incriminating evidence on it.

Actively impeding the prosecution, in the form of refusing to decrypt a drive known to contain inculpatory evidence, is in many ways tantamount to destroying that evidence. (Assuming, of course, reasonably secure encryption technology, &c.) You're not incriminating yourself by giving them the plaintext; they already know you have it, whether through confession, third party testimony, or some other means.

What the court is saying here, OTOH, is that it would be testimonial, and hence subject to 5th Amendment protection, for you to decrypt a drive the prosecution merely suspects to contain inculpatory evidence, however strong their argument for suspecting such evidence to exist (and they'll have much better arguments than, "Well, drive is big enough to hold millions of files..."). If they were to find any such evidence, they'd have found it through compelling you to provide it to them, and that's the thing they're saying is counter to the 5th Amendment — that, in providing them with evidence they didn't already specifically know to exist, you've incriminated yourself.

> is in many ways tantamount to destroying that evidence.

Nope. Doesn't fly. You imply that now that person can be jailed and held in contempt indefinitely until they comply.

Ok, so what if they forgot the password? What then? Forgetting the password is not the same as physically taking a hammer and destroying the hard drive. As far as the prosecution getting access to the documents, it has the same effect, but that is just that -- the same effect, it does not fall into the "knowingly destroying evidence" type action automatically.

So now you suggest that basically people can be punished for forgetting. I see a big problem with that.

Moreover you give a (wrong) password and it doesn't work. You say "I am pretty sure that was right, to the best of my knowledge. I suppose I could have gotten it wrong, or maybe even the drive is damaged....." How do they know that this is a deliberate act? It seems here that lying to the police suddenly gives some degree of protection which strikes me as somewhat insane.

Indeed there have been cases in the UK where the defendant's apparent cooperation was enough to ensure there could be no RIPA prosecution even though the password to the encrypted hard drive did not seem to work. So this is not merely hypothetical.

You said: "Actively impeding the prosecution, in the form of refusing to decrypt a drive known to contain inculpatory evidence, is in many ways tantamount to destroying that evidence."

But it isn't /actively/ impeding, it's passive. One is refraining from taking an action.

There is no point arguing the semantics of English in a legal discussion.

>one is actively refraining from taking an action.

I guess I disagree. Not generating evidence is different from destroying evidence; encrypting your laptop while you discuss drug deals is like wearing gloves while you steal the Hope Diamond.

Similarly, requiring you to actively aid in your own prosecution has no precedent. You can "lie by omission" while providing testimony, for example.

Not doing something to protect evidence is different from doing something to destroy evidence. If that's not the case, then every drug user has "destroyed evidence" of its possession by burning it and inhaling the fumes or by digesting it with their stomach acid.

encrypting your laptop while you discuss drug deals is like wearing gloves while you steal the Hope Diamond.

Disagree. The encrypted laptop contains evidence, in the form of emails, chat logs, or whatever, generated in the course of the discussion. Wearing gloves doesn't destroy evidence; it simply prevents its creation. Not logging your chats about drug deals would be the equivalent of wearing gloves while burgling; logging to an encrypted drive is something entirely different.

You can "lie by omission" while providing testimony

Not always. If you don't mention that you were watching your neighbor in the shower when you saw the defendant break into her apartment and kill her, no-one's going to bat an eye. If the omission is materially relevant to the matter at hand, and made with an intent to mislead, however, that's still perjury.

"the prosecution already knows"

Sorry, you lost me. If the prosecution "already knows", then why does the drive need to be decrypted? It sounds like they already have the evidence.

And if they don't? Well, that's the definition of a "fishing expedition", isn't it?

Imagine that we're talking about accounting fraud. The prosecution might be able to prove that the relevant accounting records exist, and have grounds to believe that these records would prove that fraud occurred, but not have the actual contents of the records themselves.

Child pornography is special, because merely having "possession" of certain information is a crime. The law itself is bizarre, so you get bizarre results like this.

In the abstract, it's possible to have knowledge without having proof.

I don't know what "in the abstract" means in this case, but I do know that claiming to "know" something without having actual proof is what's called a conjecture:


A conjecture is not the same as knowledge, "in the abstract" or otherwise.

If I saw something with my own eyes, but didn't capture a video recording of it, I could argue that I have knowledge but not proof.

Honest question here: From a legal standpoint how can the "prosecution already knows [the harddisk] to contain incriminating data" if the drive is encrypted?

Are eyewitnesses saying "I saw him type the death list into his laptop" good enough? What are the criteria to meet that point?

If the eyewitness is a police officer, then possibly yes:


> Honest question here: From a legal standpoint how can the "prosecution already knows [the harddisk] to contain incriminating data" if the drive is encrypted?

In many cases they can have intercepts, or bugs (cameras), but they are often not enough to form a water-tight case. They can therefore "know" you have incriminating data on your drive (or at least they will argue that point).

If they don't have a case without the contents on the drive then they don't have a case! I scoff at the prosecutors that claim "but if we can't get the encrypted contents then criminals will get away!" Hey dipsticks! Maybe you should collect other evidence and maybe make sure you build up a case that doesn't strictly rely on the contents of a hard drive that you don't even have possession of. Okay, so let's say you get the drive decrypted... how you gonna prove who/how the contents got on the drive?

Well, that's exactly the point of the case - if the defendant decrypts it, by that fact he proves he knew the password - meaning, he is the owner of the drive and had control over it. Giving by that to the police proof of both that the content was illegal and that he owned it. Unfortunately for them (but fortunately for the defendant) the court did not go their way.

> how you gonna prove who/how the contents got on the drive?

There's no such thing as 100% proof. It's about being "beyond reasonable doubt", and as 'weaselly' as that might sound, it's true. If they intercept data coming over the wire, to your PC, and you have been the only person home and the chances that someone would plant a few terabytes of illegal data on your drive at those precise times...

Okay, given this some more thought.

In the case of US vs Fricosu, merely having the documents the government says exist on the encrypted drive does not in itself constitute a crime (like child pornography would/does in the case mentioned in this story).

So, if we take a step back and ignore that the person who holds the key to the "safe" (the decryption key to the hard drive) is the defendant and pretend it is you or I that hold the key, then you and I could be compelled to decrypt the drive and disclose its contents or face contempt of court. Now if I was forced by the court to decrypt the drive, prior to doing so I would ask (and require) immunity from any and all evidence found that would/could incriminate me. It also appears the government is aware of a document or documents that exist and have certain contents... this is all they have a warrant for and are asking for.

Change the scenario. The police have reason to believe that there is a gun in a safe that I own that was used in a murder. They have enough evidence to obtain a search warrant and compel me to open the safe. I didn't commit the murder but supposed someone else did. The force compels me to open my safe. Me owning the safe or the gun in itself is not a crime and is not incriminating. Perhaps I have a stash of drugs in my safe too. Prior to opening the safe I will ask for (and require) immunity for any crimes that stem from obtaining or finding any other evidence not listed on their search warrant. I'm sure there will be some back and forth on this as to limit what degree of immunity I actually receive... but believe you me, I will make certain any thing related to the drugs I know exist in there which is completely unrelated to searching for and obtaining a gun. Nothing wrong with being compelled to opening the safe.

Take the above scenario with one small change: I (or you), the owner of the safe (that contains the gun, or so the government believes), is the person accused of the murder. I will still ask for and go after immunity for anything not related to the current case. Owning the safe, and the gun, in itself is not a crime so unlocking the safe and allowing for the search is not incriminating in itself. The government still needs to build a case that I pulled the trigger on the gun and murdered someone (not that I merely knew that I had A gun or that I possessed a gun that I didn't know was used in the commission of a crime).

The sticky point is, how can the government prove that a person knows the combination to a safe (or decryption key for a hard drive)? This is what the judge and court is trying to determine in the Fricosu case. Can she and does she know the key? And if she refuses to unlock it or says she doesn't know how can they "prove" she's lying?

I've always wondered this about forced decryption: what if you have large random files on your harddrive? (irrelevant how they got there -- you may not even know) For all intents or purposes these look like encrypted data, and if they could force you to "decrypt" them you have a problem of Kafkaesque proportions.

Is there any rule that data on your drive should be somehow sensible and decryptable to human-understandable information, using keys that you have in your head?

People wanting to use encrypted volumes; or encrypted drives; or who delete individual files; or who wipe discs[1] often use writes of random data to 'sanitise' the drive before writing their data.

Thus, they're likely to have lots of random data strewn around their drives.

I have no idea what would happen if you coughed up two keys which unencrypted 30% of that random data; what would happen with the rest?

Realize that this is a fairly narrow opinion, and, in my opinion, not a particularly well-reasoned one.

The issue here is child pornography: the would-be defendant was suspected of having child pornography on various hard drives which were encrypted. The court states that the actual contents of the hard drive are themselves not testimonial—that is, they are not covered by the Fifth Amendment and, if the government had access to the hard drives, they could present whatever was incriminating on them into evidence. So the issue is whether the act of producing the documents is a testimonial act and therefore covered by the Fifth Amendment.

The court concludes that the act of production is a testimonial act because, one, the testimony was not a "foregone conclusion." This holding is based on a case called Fisher v. United States, in which the Supreme Court stated that it was not testimonial to hand over certain papers that might have incriminating evidence because conceding that documents existed, that you had control over the documents, or that they were in your possession was not incriminatory given the circumstances of that case. Under the "foregone conclusion" doctrine, the government knew of the existence and location of these papers so the production of the papers added nothing or little to the government's information. If the government did NOT know that documents existed, they could not compel a would-be defendant to reveal the documents.

Second, and most importantly, the court concluded that decrypting the documents would "use the contents of [the would-be defendant]'s mind" because "the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files." It's again important to note that this is a child pornography case: possession of child pornography is a crime, so if the would-be defendant here provided a decryption key, this would be tantamount to him admitting that he possessed the hard drive and had access to the files within it—that alone would constitute a crime if the files were found to be child pornography. This is therefore what the court later refers to as an "implied factual statement" and the Fifth Amendment protects this. Although the court also suggests that providing a decryption key might be like providing a combination (and therefore be admissible for Fifth Amendment protection on other grounds), it unfortunately devotes very little space to this discussion—and this seems to be the really big issue here.

The case therefore leaves several unanswered questions: this is a child pornography case where mere possession alone is a crime: what if that wasn't the case? What if this was a murder case and the defendant had stored notes about his murder on the computer? What if the foregone conclusion doctrine wasn't applicable—would the conclusion here be the same (most of the opinion is actually devoted to this discussion, which is less broadly applicable because, if the police know of the existence of specific files on hard drive, this doctrine is inapplicable)?

Anyhow: it still is possible to get access to these documents if the government gives him sufficient immunity, as the court notes. This would be pretty important because if no one could ever access these documents (which presumably would be possible if the would-be defendant doesn't decrypt them) that would be an enormous problem for our justice system.

In conclusion: the applicability of this case to future cases is unclear, so, for those that want this result, I don't really think this is a "slam dunk." There will likely be many future cases further developing this doctrine. As such, right now, it's very difficult to discuss the merits of the court's holding on the "decryption is testimony" argument (which, in my mind, is the most important) in a general sense, since the reasoning here seems very specific to the facts of case.

this is a child pornography case where mere possession alone is a crime: what if that wasn't the case? What if this was a murder case and the defendant had stored notes about his murder on the computer?

If someone is asked to decrypt their drive for a murder case, could they then invoke the Fifth Amendment on the basis that they might have child pornography? Can the Fifth Amendment protect you on an unrelated crime that you mention without either admitting to it?

This is covered by 18 USC 6002: http://www.law.cornell.edu/uscode/text/18/6002

In short, a judge will grant a person legal immunity from prosecution. This removes the fifth amendment argument, as you cannot be prosecuted for the child porn, and you can be compelled to testify.

For example, an accomplice to a crime might be offered immunity -- after which the accomplice cannot refuse to testify under the fifth amendment. Remember, the fifth only guarantees that you will not be compelled to serve as a witness against yourself -- it does NOT grant you the right to remain silent at all times, contrary to popular belief.

What if the decryption key is "I am guilty of the murder", would it then be protected since the act of revealing it would be self incriminating?

How would that work? If I write "I just killed a child" here it doesn't mean I actually did that. Similarly, if I used a decryption key "I am guilty of the murder" then it still does not mean I'm guilty of any murder, just that I have a poor sense of humour and used an odd encryption key.

That encryption key wouldn't provide proof, but there are many that would. Trivially a sufficiently long key could embed a video of the murder.

And it would be trivially impossible to memorize.

> since the reasoning here seems very specific to the facts of case.

as it should be! i think that neither "all decryption is testimonial" nor that "no decryptions are testimonial" are good policies. imho, decryptions should be treated in the same manner as other paper based evidence production requests: most of the time, the government cannot compel you to produce evidence testifying against you, but there are certain exceptions ("foregone conclusions" included).

> What if this was a murder case and the defendant had stored notes about his murder on the computer?

i don't think you're interpreting the "foregone conclusion" doctrine correctly. what it means is that keys, passwords, decryptions, etc cannot be used for the police to go on fishing expeditions for evidence. if they know you have incriminating evidence and can show that, then they can compel the production of that evidence. this is something that happened in US v Fricosu, in which Fricosu actually was compelled to decrypt. note that this ruling, which does not compel decryption, is entirely consistent with US v Fricosu

My reading is that the court implied, and what likely could be argued/people would like to argue, is that, even if police were aware of the existence of specific documents, you might still be able to use the Fifth Amendment to prevent decryption. If that was the clear holding of this case, that would be significant. My point about the murder case was to replicate a factual scenario in which the government knew of specific files, and the possession of those files alone would not constitute a crime: could the would-be defendant still use the protections of the Fifth Amendment to prevent decryption? That factual scenario is comparable to Fricosu: the government knew of the existence of specific files and compelled decryption. Given the dicta in this case, however, it is arguable that, even in such a scenario, a defendant would be able to prevent decryption, thus creating an inconsistency with Fricosu. As far as I am aware, only the Fricosu court has discussed this issue--and that was cursory, and from a district court in Colorado.

I'm sorry, I don't understand how the fact that possession itself is criminal is relevant. If the government actually knew of the existence and location of illegal files on the case, the foregone conclusion doctrine would allow them to compel decryption (as in U.S. v. Boucher). The same would be true of your hypothetical murder evidence.

If you cannot decrypt the files, can you be said to be in possession of the child pornography? In other words, even if the files are child pornography, if he cannot decrypt them himself, it isn't clear if he is guilty of the crime. OTOH if he can, it is clear he is.

> even if police were aware of the existence of specific documents, you might still be able to use the Fifth Amendment to prevent decryption

not if it knew that these documents were under your control and were incriminating. what exactly suggests your reading? the opinion was pretty specific about how the government could not prove the existence of any specific incriminating files on the defendant's drive, and thus, it was not a foregone conclusion

> the murder case ... possession of those files alone would not constitute a crime

whether the possession of the files is in and of itself a crime is irrelevant to the fifth amendment. the only thing that matters is whether your testimony can be used to incriminate yourself.

> Given the dicta in this case, however, it is arguable that, even in such a scenario, a defendant would be able to prevent decryption, thus creating an inconsistency with Fricosu

Author of the article disagrees. From the article:

> Also note that the court’s analysis isn’t inconsistent with Boucher and Fricosu, the two district court cases on 5th Amendment limits on decryption. In both of those prior cases, the district courts merely held on the facts of the case that the testimony was a foregone conclusion.

I understand that this case was decided on grounds consistent with Fricosu, and that the court held that the testimony was not a foregone conclusion and therefore the court could not compel decryption. I am not disputing that that is the holding of this case.

However, in addition to that, the court notes that there are two reasons why the Fifth Amendment prevents compelled decryption. Besides the foregone conclusion doctrine, there is discussion such at 22: "the decryption and production of the hard drives would require the use of the contents of Doe’s mind and could not be fairly characterized as a physical act that would be nontestimonial in nature. We conclude that the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files." This to me implies the court's belief that the act of production would be testimonial because it would imply that Doe possessed and had access to incriminating files. Since possessing and having access to child pornography is a crime, that alone--that act of him affirming that he had access to such files by providing a decryption key--would incriminate him. By implication, this would not be the case if possession of certain documents was not itself a crime, yet these documents could be incriminating.

The court spends 2 paragraphs discussing this, but I think it is not inconceivable that this sort of argument could be applied to other cases where the foregone conclusion doctrine might otherwise be successfully applied to compel decryption, since ostensibly any 1 of the court's two points could be used to prevent compelled decryption. I wonder if this conclusion is based solely on the nature of the crime alleged here, or would be applicable to other crimes where merely showing that you have possession to access to incriminating documents is not itself a crime, as in child pornography.

Anyhow: it still is possible to get access to these documents if the government gives him sufficient immunity, as the court notes. This would be pretty important because if no one could ever access these documents (which presumably would be possible if the would-be defendant doesn't decrypt them) that would be an enormous problem for our justice system.

Here's the sticking point for me: it's perhaps overly pedantic, but I want to view the world honestly, and there are some great points of absurdity here. (I always like the absurd, and the ways our world is otherworldly.)

The problem is that much of our approach to information is creative, and we need to start thinking in those terms.

If you have a JPEG of a murder on your unencrypted hard drive, that's not actually a photograph; it's a set of magnetic pointings which can with certain hardware be used to produce a photograph. If you think about it, that also applies to writing on paper, or colored splotches encoding an image into a physical photograph. Those require a creative attempt to produce meaning. The meaning can be off if the creative attempt is not followed through correctly. The easy way to see this is to imagine someone systematically using a common word in an uncommon way -- Feynman for example was once, on the Challenger commission, chasing down memos which sounded like NASA had been actively irresponsible, but instead it turned out to be a figure of speech they'd adopted for a certain phase of their construction. Or imagine that our demented individual really does have a very detailed, lifelike photograph which appears to document his murder of another, but in fact the "murdered" girl is a still-alive actress who was paid to appear in these photographs; the "blood" and such is very convincing but is ultimately a prop.

So the meaning can be off, if the creative act goes awry. I'm using this to underscore that you have to think, at some level, about that recreation of semantics from the physical fact.

Let me be clear: I don't think this is a barrier to investigation usually. I think it's clear that we expect a sort of 'normal hardware' that allows us to recreate semantics. The photographs in this safe, when viewed by a normal person in normal lighting, would show an image of the defendant committing a murder -- and if they want to say that this was all theatrically staged, they may produce the actress or others involved in the production. By that account, photographs inside of a safe are also governed by this principle: even if their physical location happens to be remote and inaccessible, reproducing the image from the photograph is as simple as just looking at it. The photograph really contains the image, up to a 'trivial' semantics.

Now bring this back to your other example of an encrypted disk storing child pornography. That is a nontrivial semantic inflation: you are literally asking the defendant to create child pornography for the purposes of the case. In some sense perhaps you're just saying "create whatever this drive's contents are," with the understanding that the police is going to look through it for child pornography -- in that phrasing, it's more clear that this pornography might not actually exist, etc. -- so there is perhaps a way to comply without generating child pornography at the judge's request.

But still, that's a little mad and absurd in the wonderful way that our world can be otherworldly. It opens up all sorts of questions which I have no clue how to answer. Decryption, like most computation, is a creative act. To demand decryption is to demand creation.

I quoted the above in particular because I really don't care about the "enormous problem for our justice system." Like, the fact that we don't have embedded realtime GPS trackers installed in our spines is an "enormous problem for our justice system" because it makes it so tremendously hard to figure out whether our alibis are true or false. Screw that sort of thinking. Whatever caused the investigators to think this individual was manufacturing or downloading kiddie porn should have been enough to convict. This shouldn't be a gray-matter area. "We just cracked down on this peer-to-peer kiddie porn program, we saw that you were using it to share many images, here are the filenames that the defendant's computer was sharing at the time we busted into his house with a warrant." (Are the police allowed to download such things? Probably. "Here are just a couple of the images we downloaded from him," too, then.) So, if they don't have a case and are fishing through the hard drive to try to make one, that's more or less explicitly what the Fifth Amendment is supposed to guard against: "we don't know your exact sins but we know you're a sinner so damn it, confess!"

But still, the sticking point is the glorious absurdity: "Mr. Doe, we have reason to believe that if you say the magic word, your computer will manufacture child pornography. We demand that you say the magic word, so that we know whether this is true." How will we decide that issue in the face of its pure and present absurdity?

I have another pedantic concern, along different lines. Strictly speaking, decryption function y = f(x) produces deterministic output y based on the application of an algorithm to key x.

Most encryption software, including TrueCrypt, will complain if you provide the wrong key. I object to this behaviour strenuously. What if it stopped doing that? What if it just gave you whatever output would arise from feeding key x into the algorithm? It would be upon the court to show that the resulting incoherent mass of bytes does not contain "satisfactory" output, which requires them to show what the satisfactory output ought to be, which means they must have some idea of what they're looking for to begin with and the ability to show that it exists on the encrypted medium to begin with. This would be problematic in most cases.

TrueCrypt does not allow this (yet).

There is another cool utility - encfs. It has a magic option "--anykey". Basically, it stops verification of the key hash and always tries to decrypt with the key you provided. Thing is - it will show you only correctly decrypted files. So, by using different passwords you essentially create layers of encrypted files, where each layer is decrypted by a different password.

Truth is - if something did not decrypt, LEO will see it, but I do not see how they could prove you provided the wrong password intentionally, and had not at some point changed the password to a new one and forgotten the old one. This is essentially what will happen when you use a different password - you will receive no error and an empty container where you can start adding personal files.

Well, it's not actually too problematic. Usually there are forms of metadata which persist and can store this sort of information. So let's assume that you didn't go for whole-drive encryption, and your text editor shows in its recent history "/media/truecrypt1/where-I-buried-him.txt", written on the evening of the murder: so the police believe that somewhere on your computer is a text document revealing where the victim was buried. And since it's my story, we'll suppose that you're completely innocent and that this is a fictional story you've been writing for the last three months, but you're worried that your bizarre murder fiction sounds eerily similar to the circumstances that the other guy died, and might tend to sound incriminating or character-assassinating to a jury.

Even if TrueCrypt didn't protect their encryption with a message-authentication code, the police would still notice that you had given them a decrypted file without a filesystem on it -- much less a filesystem containing /media/truecrypt1/where-I-buried-him.txt . If they have already convinced a judge to force you to decrypt the file, they could just tell the judge "this person is being uncooperative!" and your hijinks will get you nowhere.

Now suppose that they do not have this, but convince the judge that since you have TrueCrypt, and this is the only random-looking file on your computer, that this is probably your TrueCrypt archive. They convince the judge to threaten you with contempt if you don't decrypt it, through whatever means they have available to them. Well, TrueCrypt containers are always meant to be directories -- i.e. they always hold file systems -- and so you'd best decrypt this container into a file system! But that severely restricts your defense.

TrueCrypt will let you do something different: to provide a 'wrong key' which indeed decrypts the device to a valid file system. This is their 'hidden volume' system.

I'm kind of mixed in my reaction to TrueCrypt's hidden partitions, for other reasons. But they address the problem that you've identified, and I haven't figured out a better solution.

> Well, TrueCrypt containers are always meant to be directories -- i.e. they always hold file systems -- and so you'd best decrypt this container into a file system! But that severely restricts your defense.

TrueCrypt is not meant to hold file systems any more than a hard drive is. There is nothing stopping you from not creating a file system on your truecrypt volume and just storing garbage in it - or use another encryption software on top of it.

TrueCrypt's hidden-volume feature is quite meaningless in most cases (my opinion) due to the way it is likely used. If you present a decryption key that gives access to a filesystem that does not match what was expected then you are in trouble.

Especially the hidden OS feature... So you have been using this laptop on multiple occasions the last week (of which we have proof) but according to the filesystem you presented to us this system hasn't been used for over a month.

The same goes for a hidden volume. Unless you actively use it as often as you use your device (which is really cumbersome to do right) you might just be better off without it since exposing it will tell them way more than you want to tell them (for starters it will tell them that you are actively lying and having made precautions in order to try and get away with lying).

Your last paragraph is actually the "mixed reactions" that I was having. It seems like for hidden volumes to work right, you need to constantly be using the outer volume. That's fine, there are plenty of applications you might want to encrypt but might not need to hide from the police -- passwords and emails, perhaps, or legally-downloaded-and-possessed pornography, or a journal, or something like those.

The problem is, due to what I guess is something of a flaw in the central idea, you ultimately have to provide the password for your inner volume when you do all of these things which don't involve it. So now your private data is split up over two drives, which is at least somewhat questionable, and also the "mundane" drive requires the "important" password.

This may be acceptable if you're collecting a small cache of text documents which you believe could harm a corporation -- then you say "no, I don't have those articles, see, this really is just my porn stash, please don't hurt me." But a criminal or a government -- no, they're willing to be patient and they're perhaps willing to peek at your password input prompts with webcams or audio-recordings. They would know that there's an extra password being entered every time you decrypt that file.

> which means they must have some idea of what they're looking for to begin with and the ability to show that it exists on the encrypted medium to begin with

this is not a pedantic side concern, but is in fact, the key component of the government's ability to compel evidence production. if they cannot show that they know what's on your hard drive, that you control it, and that what's on your hard drive is incriminating, they cannot compel you to decrypt it.

so yeah, if you gave them a bad key and your decryption algo returned garbage, they'd certainly lock you up for contempt (given the aforementioned conditions were true).

That'll be a problem when people really do forget their passphrases. Given that they've been through a lot of excitement, what with getting arrested and maybe jailed for a while, and they're often asked for the passphrase a significant amount of time after the computer is confiscated, that could well happen.

And then you'd have to hope that the 1 in 1e100 chance doesn't come along where your passkey changes your hard drive into a Windows 95 computer filled with US nuclear secrets.

dm-crypt does this. I don't know the internals of the algorithms used, so I don't know whether that is just a feature of the userspace software or it is impossible to verify the decryption was successful. I presume it depends on whether a hash or a header is stored somewhere.
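The two behaviours this sub-thread contrasts, as an added example that is not part of any comment and is not code from dm-crypt, TrueCrypt or encfs: a headerless container that turns any passphrase into bytes, and a container whose header stores a key check. The SHA-256 counter keystream, the `TOYFS1` marker, the sample volume and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import math
import os
from collections import Counter

# Constructed 8-byte marker standing in for a filesystem superblock signature.
MAGIC = b"TOYFS1\x00\x00"
# Headerless mode stores nothing on disk, so its salt can only be a constant.
PLAIN_SALT = b"headerless-toy-salt"
# Constructed sample "volume": the marker followed by repetitive text, 4096 bytes.
SAMPLE_VOLUME = (MAGIC + b"chapter 3 draft: the detective opened the door. " * 100)[:4096]


def derive_key(passphrase, salt):
    """Stretch a passphrase into a 32-byte key with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 10_000)


def keystream(key, length):
    """Toy keystream (SHA-256 over key || counter); illustration only, not a vetted cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def plain_crypt(passphrase, data):
    """Headerless mode: the same XOR encrypts and decrypts, and no key check exists."""
    key = derive_key(passphrase, PLAIN_SALT)
    return xor(data, keystream(key, len(data)))


def header_seal(passphrase, plaintext):
    """Header mode: store a random salt and an HMAC-based key check before the body."""
    salt = os.urandom(16)
    key = derive_key(passphrase, salt)
    check = hmac.new(key, b"key-check", hashlib.sha256).digest()
    return salt + check + xor(plaintext, keystream(key, len(plaintext)))


def header_open(passphrase, blob):
    """Refuse to decrypt when the derived key does not match the stored key check."""
    salt, check, body = blob[:16], blob[16:48], blob[48:]
    key = derive_key(passphrase, salt)
    expected = hmac.new(key, b"key-check", hashlib.sha256).digest()
    if not hmac.compare_digest(check, expected):
        raise ValueError("passphrase does not match stored key check")
    return xor(body, keystream(key, len(body)))


def shannon_entropy(data):
    """Bits per byte; close to 8 for random-looking data, far lower for text."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def examine(data):
    """What can still be checked on output that carries no key verifier."""
    return {"has_marker": data.startswith(MAGIC),
            "entropy": round(shannon_entropy(data), 2)}


def demo():
    disk = plain_crypt("correct horse", SAMPLE_VOLUME)
    sealed = header_seal("correct horse", SAMPLE_VOLUME)
    try:
        header_open("battery staple", sealed)
        header_result = "accepted"
    except ValueError:
        header_result = "rejected"
    return {
        "plain_right": examine(plain_crypt("correct horse", disk)),
        "plain_wrong": examine(plain_crypt("battery staple", disk)),
        "header_wrong": header_result,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

With the wrong passphrase the headerless mode raises no error, but its output has no marker and near-maximal byte entropy, which is the point made above about a decrypted file without a filesystem on it.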

From a theoretical perspective, applying encryption/decryption is more like applying an isomorphism, that is, turning one mathematical structure into an equivalent mathematical structure (with no information loss). I cannot see how this is a "creating" action, let alone a "creative" one.

Now, such isomorphisms turning one information into another could in theory be found for any two pieces of information, but here we are talking about a very limited family of isomorphisms between spaces of all finite binary sequences, so there is little to no creativity involved in selecting and using such an encryption function.

I feel like I followed your reasoning but did not end up at your conclusion. Where do you draw the line to say passing over that line is creation? You seem to start out making the point that the decrypted drive is many steps away from child pornography, power needs to be supplied, the hard drive needs to spin, an operating system, CPU, motherboard etc needs to interact with the drive to read the bits and copy them to many different memory systems, an algorithm needs to be applied to them to decode their compression, the result of which needs to be fed to a display or printer and viewed by a person with functioning eyes...

But then you seem to be fine ignoring all that and calling the decrypted contents "child pornography". Why aren't the encrypted contents also child pornography? Why is decrypting them the point of creation, rather than, say, opening them in an image viewer?

I think you didn't follow my reasoning then. The point is that the creative act is everywhere, and we prefer to abstract it away in general. So it's not that "passing over some line" is creation, there are dozens of creation lines that we must follow to go from "this block of metal" to "contains an image of the murder." That block of metal contains spins which we interpret as 1s and 0s comprising a pattern which we'd recognize as a compressed JPEG file which, if you render it onto a screen and then look at it, and interpret this blob of color as being blood and that blob of color as being the victim, shows an image of the victim apparently recently deceased. All of those are essentially creative steps.

Now, I'm also trying to form a line of demarcation for why we feel we can abstract those away, and I think that at least an acceptable first approximation, a first abstraction layer, is something like "a normal person with normal tools can look at X and, through this, view a pornographic image."

If it's encrypted then the point is that this becomes one of Joel on Software's "leaky abstractions." The problem is that no, we can no longer ignore the massive number of creations, because you need to say a Magic Phrase to interpret this thing as an image. If you pronounce a different phrase, it just looks like random data. What we're telling the defendant is something like, "say the phrase that makes this look incriminating" -- or perhaps just "say the phrase that makes this not look random."

I guess to answer your last question: Neither the encrypted nor the decrypted contents are, in the absolute strictest sense, images. They have to be rendered onto a screen and then viewed by a conscious person of sound mind to be images. (Maybe a better word is "viewings.")

So decrypting them is a point of creation, as is opening them in an image viewer, as is looking at that image viewer. The absurd thing to me is, if you really focus on the technical details, you'd have to conclude that they don't become "child pornography" until we view them and say "that looks like it was intended to arouse someone, and it looks like it contains an underage person."

So part of why I'm proposing the above "normal people with normal tools" idea is to give some ground to say that the decrypted stuff "can be thought of as child pornography" -- because a normal person will come to that judgment when using the data in a normal way. So in that sense, the decrypted contents "are" child pornography.

You may wish to ignore me on that; I may be becoming too philosophical and solving problems that don't need solving. Perhaps the big problem that's sitting at the back of my mind is this: for any large random-looking block of bits you give me, there is in principle a stream of bits which can be XORed with it to convert it into a JPEG file. In practice there are some limits based on block sizes and ciphers, but in principle there exists some mathematical transform which converts any normal hard drive into this sort of thing.

So I'm interested in the philosophical problem of excluding all of the transforms which we don't want to admit.

Those would be very fringe cases where they can't possibly catch a child pornographer without the data from his hard drive. You have to balance things out. The potential for abuse otherwise is a lot greater I think.

To me it all comes down to whether you have to force the cooperation of the defendant or not when gathering evidence. Part of the problem is bad analogies: "Demanding the private key to an encrypted volume is no different than demanding the combination to a safe" or any other equivalent concept. If the defendant doesn't provide the combination to a safe then the blowtorches are coming out. At no point is his cooperation a _necessary condition_ to the gathering of evidence. However, to demand the defendant disclose the private key --or the more common "we don't want the key, just what's inside" demand-- is to require his cooperation. It is now a necessary condition that the defendant comply in order to gather this evidence. And as such, it becomes an invasion into the mind of the defendant for the purposes of coercing a confession.

Indeed, the judge could grant immunity to the defendant, thereby requiring him under law to "testify" his private key, but then you don't have a case to prosecute. I wrote about this more thoroughly here http://aspensmonster.com/2012/01/26/on-private-keys-and-the-.... I'm curious to know what others think about all of this but lack the time to read through tens of pages of comments at the moment :P

I have some definite concerns with this. If producing the key via government coercion is legal, where do we stop? Right now, we have (admittedly) very crude technology that lets us probe the brain and tell with a reasonable certainty if someone is lying. It may be possible to produce a machine in the future that can analyze the mind well enough that it will be possible to tell what words a person is thinking. If that's the case, would it be legal to require the accused to be subject to such a machine to reveal their password? If that is the case, will the government need the accused's testimony at all?

Further along that line of thinking, it may become possible to change what a person is thinking by suppressing or exciting different regions within the brain. At that point, is punishment still legal if the government can simply change what a perpetrator thinks? For example, changing a con artist's mind so they no longer think of using their persuasive skills to con people. On the surface, isn't that what prison and the penal code is about anyway?

I believe we need to concern ourselves greatly about this, because we are now on the cusp of technologies that will make building brain-computer interfaces not only possible, but possibly simple. This will be an amazing boon to the elderly, others who have degenerative problems, and probably everyone else. At that point however, where does an individual's mind stop, and legally-accessible file storage begin?

I believe the slippery slope of both these arguments starts at this point, deciding where the demarcation of self-incrimination is. What we decide as a society over this argument will have a significant effect on how our ultimate future will go.

Yes! There are still smart people in the justice system who will make the right decision no matter who they're pissing off. My hat's off to you, Judge Tjoflat!

P.S. More people should know about this decision and the judges!

The analogy to a combination for a safe seems very apt, I've forgotten: what is the precedent in such situations? Have people been forced to give up the combination for a safe in court before?


> With a safe, however, the government does have the recourse of breaking out a blowtorch and cutting the safe open (which has been done in order to circumvent the 5th Amendment issues of compelling a suspect or defendant to open the combination lock).

It's also worth adding that a safe can be forced open physically within a reasonable amount of time. A drive, encrypted properly, may not be able to be decrypted in our lifetime, and this is what leads law enforcement to attempt to 'force' the suspect to provide the key themselves.

How long does my safe have to be uncrackable in order for me to have to open it to incriminate myself?

I personally have no ability to crack a safe, and that makes all safes out of reach to someone at my skill level. If I'm all the police have to crack your safe, do you have to incriminate yourself? If not, then what level of competence do the police have to demonstrate?

Full-disk encryption is theoretically strong, but actual implementations are not likely to be as secure. If you tasked the world's best cryptographers with getting data off an encrypted computer and gave them five years, I bet you'd get the data. And I'm pretty sure that the Constitution doesn't say: "No person shall be compelled in any criminal case to be a witness against himself, unless the government is too cheap to do a proper investigation."

See shingen's comment

Also, if the police blow-torch open your safe the prosecutors still have to prove you had knowledge and access to what was in the safe. If you are forced to give access you are most certainly self-incriminating yourself.

Imagine if you stored a murder weapon in a safe. A search warrant will almost always open a safe (either by voluntary capitulation or by force).

There has been a lot of debate over whether a court should have to issue a specific search warrant just for a safe, or whether a search warrant for your property is enough to allow them to open such. The authorities always attempt to apply a search warrant for your house to mean your safe as well. You'd need some kind of pre-emptive action to try to stop that, and even then, good luck.

Sorry, that's a bit different than what I'm asking. One of the ways the "safe" analogy breaks down when talking about crypto is that safes can generally be broken open by force but well encrypted data cannot be. I'm asking if there have been instances in the past where police could not break open a safe by force and so instead compelled (or tried to compel) the defendant to reveal the combination in court.

I just asked a lawyer friend this that does trials; he says: in cases where there is a sealed safe (the police / govt didn't breach it for whatever reason) a court will usually ask you to open it if the prosecution can provide enough evidence to suggest that the contents are a critical element to the case. That requires some kind of trail that leads to the safe. A court won't just automatically force you to open your safe and potentially incriminate yourself; but they also will not allow you to use a safe to hide your murder weapon if all evidence points to you having stored it there.

In the case of cryptography, if the contents are bad enough to put you in prison for a zillion years, obviously you have to make a judgment call as to the punishment if you refuse a court order to decrypt the contents. Since this is still such a relatively new gray area, I'd say a court would still blaze its own path (not depend primarily on prior precedent) in deciding if you're to be compelled. Perhaps you aren't likely to be convicted of the worst charges if you don't decrypt, and it might prevent the prosecution from building up other charges, but you will be punished by the court for refusing its order.

Would refusal to decrypt be contempt of court? If so, the penalties seem to be far more lenient than any of the crimes I can think of that one would want evidence of hidden. It may well be that savvy criminals would adopt strong encryption as a matter of course.

Yes, it'd be contempt of court if you disobeyed a court order to decrypt a drive. The contempt would very likely be preferable. It's not a felony after all.

It'd have to be better than what is on the drive - assuming you've got anything on the drive to begin with (some kind of incriminating evidence or something else they can build charges with). The difference might very well be that you prevent the prosecution from building a strong enough case, and at the least maybe you buy yourself some time to build a better defense.

I'd predict that as major crime continues to shift to the digital realm, criminals will adopt ever stronger encryption for that very reason, and the government will use that practice to argue in favor of violating more civil rights. Seems to be the trend these days.

IANAL, but isn't there something about the rules of evidence?

Like, the prosecution can't just say "we think he hid it on an encrypted HDD, but we aren't sure". The judge won't allow that. But if you claim to have forgotten the password, then the prosecution can speculate.

What if the evidence is exculpatory, but you still refuse to decrypt it? Then you'd be in contempt of court for failing to defend yourself adequately.

Way to answer a question without answering the question, or even knowing the answer. :)


BTW, this came off as snarky and I didn't mean it to sound that way. Apologies in advance.

What is the difference between an encrypted hard drive, and one filled from /dev/random or the like? If I fill a hard drive with cosmic noise, can I face consequences for not being able to decrypt it?

Nothing - my personal opinions aside, the difference seems to be if the prosecution has enough evidence to convince a judge that a specific piece of suspected evidence is contained in that encrypted data.

The court decision even addresses this - that there is no way to tell whether the drive is full of random data or real files once decrypted, and the government has not shown they are looking for specific information - they are basically going on a fishing expedition saying "make him decrypt his drive because we think we'll find bad stuff on it"..... that's different than "Make him decrypt his drive because the file we gave him in the sting operation is strongly believed to be sitting on his drive, because the undercover officer saw him load it onto the laptop right before we arrested him". In this case, the court ordering the guy to decrypt the drive is reasonable. The devil is in the details it seems... the details are everything.

They absolutely can't just bust down your door and demand your decryption keys.... the court seems to have addressed that.

Can't the investigators get a warrant to spy on the suspect? They then install a bunch of spyware on the machine and in the suspect's home and on the suspect's internet connection.

If I was that suspect then I would never, ever, use that computer again.

For sure.

There are other measures the suspect could have taken; store everything on an always encrypted micro-SD, which is tiny enough to be easily destroyed.

Actually: Has anyone done any research about the risks of "super microscopes and Flash memory"? There's a theoretical risk with conventional platters. I don't know how big one bit is on a conventional drive, and I don't know how big one bit is on a, say, 8GB micro-sd card.

What are they going to do, read the encrypted data off the flash drive the hard way?

I stress this is just me noodling around, and that I'm not talking about real world risks. But: Is it possible to read unencrypted data of the flash drive the hard way?

Obviously, if it's sensibly encrypted there's no point. But a person may think they have physically destroyed a flash drive only to have left information available.

Here's some links to DIY de-capping and microscopy of a variety of ICs:




I imagine it's probably possible. The trick with flash drives though I think is the size. You could easily swallow a micro sd card without anyone even noticing.

In plain English: Does this mean an encrypted hard drive CANNOT be decrypted by law enforcement and the contents of the drive cannot be used in court to convict?

> In plain English: Does this mean an encrypted hard drive CANNOT be decrypted by law enforcement and the contents of the drive cannot be used in court to convict?

Not exactly. It means that the defendant does not (currently) have to provide the decryption key in cases where law enforcement has had no luck accessing the volume via other means.

Not all encryption schemes are created equal, and in many cases, law enforcement will attempt to circumvent or retrieve the key otherwise (i.e. volatile memory, disk controllers, etc).

So a sufficiently strong method of encryption (one that is proven to be not time or resource efficient) is enough to protect your hard drive from law enforcement eyes?

To an extent, yes.

If the prosecution simply suspects there to be incriminating evidence on the encrypted drive, however strongly, then compelling you to decrypt the drive would be "testimonial". After the decryption, they'd have evidence they didn't have (or at least didn't know of) before the decryption. That's effectively testifying against yourself, and thus subject to 5th Amendment protection.

If, OTOH, the government already specifically knows that you have incriminating data on an encrypted drive, this test doesn't seem to apply, per my reading. It's not "testimonial" for you to decrypt the drive, as they already know the evidence exists, and that it's on the encrypted drive. The plaintext doesn't give them anything they don't already know about.

An interesting question in all this is the disposition of additional evidence, beyond the stuff they already knew about, in such a case. Contrived example: if John Doe is compelled to decrypt his laptop to provide the prosecution with evidence they already knew about in an embezzlement case, and they happened also to find child porn (which they had no reason to suspect the existence of, and weren't searching for) on the drive, does that mean new charges?

> If, OTOH, the government already specifically knows that you have incriminating data on an encrypted drive, this test doesn't seem to apply, per my reading. It's not "testimonial" for you to decrypt the drive, as they already know the evidence exists, and that it's on the encrypted drive. The plaintext doesn't give them anything they don't already know about.

How can one know something exists if they don't have it? They can be "pretty sure", but they can't "know". Therefore, providing the encryption passphrase is always testimonial. (Mumble, mumble, something about a radioactive cat...)

> How can one know something exists if they don't have it?

I don't think the distinction the court is making here is particularly epistemological. The question isn't even directly about the specific evidence on the encrypted drive. It's about whether the act producing said evidence, itself, would be testimonial. If the prosecution "knows" you have this evidence, however — legally, of course — they came by that knowledge, then the act of producing it isn't testimonial. If they don't know of specific evidence, OTOH, then compelling you to produce any evidence you might have would be.

If, for example, you were dumb enough to admit to a third party that you keep the map showing where you buried the bodies on an encrypted drive, that person's testimony might be sufficient. Worse, you might have let slip that's where the data is while being interrogated. Or maybe the Customs agent saw a file named "XYZ Company Fraud.xls" the last time you came back from overseas, and now you're being prosecuted for defrauding XYZ Co. There are countless ways for the man to come by knowledge of the existence of a specific piece of evidence.

In the case of child porn, how about network logs from your ISP? Would this be enough? There's no way they can be sure that the images are stored on your disk. But digital traces are logged all over the place, so this is a very relevant point.

Look at the first comment by Jon Shields (on volokh.com, not here), addressing exactly that aspect of US v Fricosu (a prior recent case where the defendant was ordered to turn over a decrypted copy of the disk).

They had wiretaps of Fricosu admitting to someone else that specific information existed on his laptop. Although the prosecution did not have the plaintext documents that Fricosu was referring to, his admission over the phone was deemed enough for it to be a foregone conclusion that the documents existed on his laptop, and therefore the court could order Fricosu to decrypt.

Quoting footnote 27 of Fricosu: [In the wiretap transcript], Fricosu essentially admitted every testimonial communication that may have been implicit in the production of the unencrypted contents.

The suspect could have told about it to somebody, or somebody (like informant) could have seen it sometime ago, or maybe even gave it to him while working undercover, or they could have observed the suspect receiving the file while working on the specific computer (i.e. via wiretap or by observing the connections on the sending side or while in transit). Of course, there's no proof that between that and current moment something didn't happen and the file wasn't deleted - but at least if it was not, the fact that it existed would not be news. That's like if I give somebody a secret document and he puts it in the safe, then the fact that he has the document in the safe is not news to me - even though in the meantime somebody could have broken into the safe and stolen it, for example, so I can't be 100% sure it's actually there.

So basically, prosecutors need to lie (or get someone to lie on their behalf, aka an informant). And since they have immunity, there's strong incentive to do so, right?

I don't see how this ends well for We, the People.

It really depends. If the police have some corroborating evidence that you have records of all your illegal arms dealing (or whatever) on your encrypted drive then the court can still compel you to decrypt it. At that point you can decrypt it or refuse/feign that you've forgotten (risking contempt of court).

Well, from reading the opinion it seems that one important factor was that basically the government's position was "we don't know if there's hidden encrypted data here, and if there is we don't know if that data is relevant to the case". So keep that in mind when interpreting this.

even further, the prosecution has not indicated a specific file or location he expects to find, based on other evidence, on the drive.... and the court is deciding that amounts to a fishing expedition. they want to see his decrypted drive because it might contain evidence... not because they are very certain it had a key piece.

even more important, although brief, is that by decrypting the drive the defendant would be automatically admitting he had control over the drive and its contents... something otherwise arguable on an unencrypted drive, meaning he would be testifying against himself for any illegal material found, even if unrelated to the case.

I wonder if evidence acquired by brute force decryption is admissible?

Sure, if the seizure of the laptop as evidence was legal and all that, of course it would be.

The issue is the defendant's rights and responsibilities in helping them figure that out.

My Objections Re Judicial Or Legislative Constraints On Cryptology In A First / Fourth / Fifth Amendment Domain: The Idioglossia Paradigm

The following all occurs in San Francisco. Imagine that Alice, a native speaker of English, has devised a private spoken language, which is grammatically and linguistically rich, robust, and functionally complete, and which also is completely indecipherable and "un-analysable" to others by any means. Assume that no one, without Alice's cooperation, can definitively ascertain if she has taught anyone else to speak or understand her language.

1. May Alice legitimately be constrained from (or sanctioned for) expressing herself in this language?

2. If a communication by Alice in this language has been audio-recorded, under what condition may she legitimately be compelled to translate the recording?

3. If the communication of item #2 has been rendered -- or even originally produced -- in a faithful phonetic written form on a single paper copy, under what condition may Alice legitimately be compelled to translate it?

4. If the single copy of #3 is instead digital, produced in a manner such that nothing about its location, file-name, etc. imply anything about the content of the communication, then under what condition may Alice legitimately be compelled to translate it?

5. Now imagine another person, Carol, an "idiot savante", with idioglossic capability which superficially seems equivalent to Alice's. However, Carol's case is different, in that she has the mental ability to perform the most advanced and secure key-generation, encryption, and decryption without artificial aids. Carol's talent is so profound that her encrypted-from-English speech -- and her comprehension of any received communication which has been thus encrypted -- occurs in real-time, and is indistinguishable from the naturalistic communication of a speaker of some unknown language (e.g. Alice).

Are the answers to items #1-through-#4 any different in Carol's case?

6. Suppose that Ted purchases a new, blank, never-formatted hard-drive, formats it, creates a top-level directory named "Porn", and three subordinate directories named "Adults", "Teens", and "Even Younger", and in the last creates a subordinate directory named "Screamed So Loud, I Had To Wear Hearing Protection". Into this directory he creates -- either copied or "de novo" -- a file named "I Got This From Alice.mpg.pgp" and one named "I Got This From Carol.mpg.pgp". Ted then purchases a new laptop computer, and replaces its single hard-drive with the one containing those files.

Ted then proceeds quickly to a nearby place, where he is detained and the computer examined, and the presence of the files is discerned by the examining authority. Forensic examination of the contents is fruitless. IANAL, but I believe that it can reasonably be said that Ted has committed no illegal act in arriving at this moment.

What can legitimately be compelled of any of the three named parties?

7. Ted is suspected of having child-porn on the disk, and is arrested. From the moment of his arrival at the place where he was originally detained, until the moment when a court orders Ted to render the files intelligible, Ted has communicated nothing to anyone except the bare minimum which is legally required (name, etc.).

The "government" has expended enormous effort and expense in this entire matter. At this point Ted complies with the court's order. (IANAL, but I believe that the exact manner in which he does this is irrelevant to the coming question.)

The contents of the files are shown to be nothing but the most scatological, vile, horrific, vituperative, and scurrilous written characterizations of all of the individuals -- by name -- involved in Ted's detention, arrest, prosecution and trial, including any judge(s) involved.

From the perspective of knowing nothing of Ted's intentions or actions before the examination of his computer -- and nothing after except what was apparent to all involved without his cooperation -- can Ted reasonably be said to have violated any laws? Are there any charges which are likely to be sustained, assuming adequate and competent defense counsel?

Interesting questions, to which I shall attempt brief (but necessarily superficial) replies. However, I'm going to go on general principles rather than 9th circuit precedent, California law, or rules of the court of the City and County of San Francisco, for the simple reason that I am not willing to spend hours checking them.

Alice

If we stipulate the existence of Alice's language with the characteristics you describe, it's hard to see how it could be beyond any sort of analysis - but we'll examine that in more detail with Carol.

1. Yes. Alice being a native speaker of English, the court can demand that her testimony, if any, be in the same language as that of the proceedings.

2. Where she is a material witness testifying under oath with a grant of immunity, and there is reason to believe that the recorded speech is material to the proceedings - eg if she made a speech in her private language, and then remarked in English upon the subject of her speech.

3, 4 - likewise, insofar as she is capable. 2, 3, & 4 are all types of Funniest Joke in the World problems: if the communication is recorded in any form such that a person can understandably repeat it to Alice without themselves understanding the content, then the onus is on Alice to interpret the meaning for the court. (http://en.wikipedia.org/wiki/The_Funniest_Joke_in_the_World)

Carol, the human encryption engine

My understanding is that Carol also speaks English; that being the case, the same answers. Carol's lack of insight into her linguistic/cryptographic facility is irrelevant; after all, most people speak fluently in their native language without necessarily being able to analyze how. Illiterate people can't articulate rules of grammar but can still talk; likewise, one can toss a ball reliably without knowing the first thing about calculus or mechanics. This is a Chinese Room type of problem; unlike Searle, I don't think there needs to be an identifiable seat of consciousness. (http://en.wikipedia.org/wiki/Chinese_room) Like Hofstadter, courts are concerned with capacity and compliance, rather than epistemological understanding. It is enough that Carol be able to consistently exercise her talent on demand. There's a parallel to this situation with claims of facilitated communication for autistic or otherwise incommunicative people; some cases have fallen apart dramatically in court when the claims of interpretative ability were proved unreliable, though not before some defendants had their lives ruined with false accusations of abuse.

Ted

6. I'm unclear on what basis Ted was detained and his computer examined, and a defense attorney would certainly start by attempting to suppress such evidence if it was obtained via an illegal search. With a grant of immunity, one could compel from any of the three testimony about what contact had occurred between them, if any (eg whether Alice has ever met Ted or given anything to him), and likewise a good-faith attempt at 'translating' the PGP file - eg Carol might be able to decrypt it given a lucky guess at the key, if it were absurdly insecure.

7. If Ted is suspected and tried of possessing child porn based solely on the suggestive folder names, and a judge found no reason to suppress, then he would likely be acquitted since the naming of the folders was not done under oath. With no testimony on Ted's part, his defense counsel could argue that there are many possible reasons to engage in such activity. Perhaps Ted plans to create a fictional story about a child pornographer and intends to employ the laptop as a prop - the sort of prop that is often employed in movie and TV shows about police investigations. Perhaps Ted merely has a warped sense of humor. Perhaps he aims to entrap a child pornographer by connecting the laptop to the internet and seeing who downloads the files. Perhaps the files do contain video...of Ted's face as he imagines pornographic situations. The existence of so many possibilities casts a reasonable doubt on the supposition that the folder names are necessarily descriptive of their content.

But now take the file content as the hostile characterizations of the law enforcement personnel that you describe. This is potentially incriminating; not because it speaks ill of the legal establishment, but because we must ask how probable it is that the identity of everyone involved in Ted's legal case was foreseeable. If Ted lives in a small town with one cop, one sheriff, one prosecutor, one defense lawyer, one clerk of court, and one judge, and had some reasonable expectation of detention and search - eg a history of poor relations with the town's sole cop - then the involvement of these individuals with Ted's criminal prosecution was highly foreseeable, and it is quite plausible that Ted wrote his hostile prose as a description of what he expected to occur that day, which suspicions have been vindicated by events. In that case, the evidence would probably be exculpatory insofar as it demonstrated Ted's prior belief that he was going to be the victim of legal harassment, albeit in perverse fashion.

But since this episode takes place in San Francisco, a city of about 700,000 people, the chances that Ted could accurately predict the identity of everyone connected with his arrest and prosecution in advance are very low indeed. Ted would need to have either superhuman powers of foresight, or introduce additional evidence to show why that combination of individuals was rationally predictable - proof of corruption in the local legal establishment, or an enormously detailed knowledge of administrative scheduling and procedure in multiple different offices - police station, jail, DA's office, Sheriff's office, and Court. The probability of accurate foresight here is so low that a jury might infer Ted had encrypted multiple streams of information in advance and selected an appropriate key during trial: memorizing a list of all law enforcement personnel in advance, supplying a key representing the ordinal placement of the arresting officer Ted in an encrypted version of that list, and using a decryption process that retrieved the name of the officer and substituted it into a generic 'vile characterization' written and encrypted in advance. This would require a truly impressive memory for multiple long lists, but such feats of memory are not superhuman; there are professional entertainers who specialize in such feats and can explain or demonstrate them.

The probability that Ted had the time, capability and inclination to do this is demonstrably higher than the probability that he was clairvoyant or an incredibly good guesser. If, as seems possible, the specificity of the document rested on a trick of memorization and a selective decryption mechanism that could yield multiple valid-seeming plaintext values in response to multiple different keys, then a jury would have to weigh the possibility that the decryption process was intended to be obfuscatory rather than revelatory, and that there might well be a 'meta-key' that decrypted the files into video of child porn for Ted's illicit enjoyment. In other words, a perverse form of steganography that overtly identifies its significant content but frustrates its easy retrieval. Obviously this is all subject to the limits of information theory - if the size of the scurrilous prose plaintext file and the size of the encrypted files were both small and close - only a few kilobytes in length, say - then the probability that the encrypted files also contained contraband video would be correspondingly small. If the encrypted files were several gigabytes each, it would be entirely possible for them to include video, scurrilous plaintext, and multiple lists of names.

There would still, arguably, be a reasonable doubt about the nature of the still-hidden data in the file (if any), but the jury would be entitled to take these factors into account when assessing the defendant's credibility. On these facts, I think that Ted would have to be acquitted on charges of possessing child porn, as its existence could not be established beyond a reasonable doubt - if he were convicted, an Appeal court would probably free him. On the other hand, and subject to the estimable probabilities described above, I think he could be convicted of obstruction of justice for wilful frustration of the Court's fact-finding function - not by declining to comply, but by complying in such a manner as to strain the bounds of credibility.

this is the key to this case and the reasoning behind such a response from the court:

> The Government attempts to avoid the analogy by arguing that it does not seek the combination or the key, but rather the contents.

The Government had an inexperienced prosecutor building the case, and the judge rightfully responded to the prosecutor's request: in order to get the content that the prosecutor wants, they need the keys. By not revealing the keys the defendant is using the 5th. Everything seems fine, other than I am sure this case will come back and this time the prosecutor will want the keys, not the content. This mistake, I think rest assured, will not happen from Prosecutor's part again in this or any other cases.

below is what I started typing, but when I read the case again it struck me why we are dealing with such a decision. I decided to leave it instead of deleting it, if you want to read it anyway:

First and foremost: I use TrueCrypt. It's amazing, simple, and it works. Just make sure, when converting an existing partition, you use at least "3-pass wipe" mode, since today's hard disk drives can keep a "second layer" of magnetized data you were converting for months, giving law enforcement access to your pure data pre-encryption. In my example, I have about 10TB across 8 HDD with my CAD/3DStudio Max work. I also have hours of digital-cam material from 2003 where 15 minutes of recording took 2TB of avi files and I never cared to convert.

That said, I think in this case the court was terribly wrong and the defendant should play the lottery first thing when he leaves the jail.

> First, the decryption and production of the hard drives would require the use of the contents of Doe’s mind

say what? they asked him for a password he knows. He doesn't want to give it out. The court agrees, saying that this would require forcing the defendant to use his mind and reveal information he keeps there and that no one else can access. May I know any court case or any case where the defendant's brain would not be used?? I honestly don't find a difference between asking him for a password and asking him for anything else in any case proceedings. He is unwilling to comply with court, bottom line.

> Just as a vault is capable of storing mountains of incriminating documents, that alone does not mean that it contains incriminating documents, or anything at all.

sure, but if the Government has any other evidence against the defendant, the burden of proof should clearly shift to the defendant. If, for example Government has ISP logs of tons of torrent data downloaded by defendant router, one can fairly assume that illegal files are stored there. If the defendant is not willing to "open the safe" by releasing the key, he should be found guilty by withholding the evidence. -- Just open the damn vault and show those idiots from the Govt & Co how stupid they really are!

     rest assured, will not happen from Prosecutor's part
     again in this or any other cases
When asking for something, such as a key, the prosecutor has to have at least a reason behind the request (like retrieving the contents of that safe, or hard-disk).

Also, if the legal system is so dumb about semantics such as this, there's now a powerful precedent anyway.

      He is unwilling to comply with court, bottom line.
But he has the right to not comply with the court, as then he would incriminate himself. The prosecutor first has to prove that the defendant is actually guilty, otherwise that's just fishing for evidence and crimes committed which may or may not exist. And that's exactly what the 5th Amendment is about.

      If, for example Government has ISP logs of 
      tons of torrent data downloaded by defendant router, 
      one can fairly assume that illegal files are stored there
That's just stupid. I download everything big from torrents, like Ubuntu Linux distributions ... should that give anybody the right to inspect my hard-drive?

> Also, if the legal system is so dumb about semantics such as this, there's now a powerful precedent anyway.

what do you mean? The prosecution should be asking specific questions, and the judge should address them. In this example they didn't ask for keys, they asked for the content of the hard drive.

Anyways, yes, the prosecution asks stupid questions; even more: they will try to persecute you and put you behind bars based on their frivolous thinking process. This case is a great example: they don't know what's on the hard drive, but there may be illegal files so yeah let's put the guy in jail.

> The prosecutor first has to prove that the defendant is actually guilty, otherwise that's just fishing for evidence and crimes committed which may or may not exist.

well they had to build a case somehow. something must have gotten them to this guy's door, right?

> That's just stupid. I download everything big from torrents

no, by "tons of torrent" data I did not necessarily mean big in size. if his IP was found on plenty of illegal torrents then this was a good enough reason to assume he is downloading illegal stuff [but let alone not good enough to sentence him].

I guess it's better late than never. A critical finding.
